CVE-2010-0522 Information

Description

Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who had former membership in the admin group which allows remote authenticated users to leverage this former membership to obtain a server connection via screen sharing.

Reference

http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077